Htmldoc Project Htmldoc vulnerabilities
24 known vulnerabilities affecting htmldoc_project/htmldoc.
Total CVEs
24
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL6HIGH13MEDIUM5
Vulnerabilities
Page 2 of 2
CVE-2022-27114P4MEDIUMCVSS 5.5v1.9.162022-05-09
CVE-2022-27114 [MEDIUM] CWE-190 CVE-2022-27114: There is a vulnerability in htmldoc 1.9.16. In image_load_jpeg function image.cxx when it calls mall
There is a vulnerability in htmldoc 1.9.16. In image_load_jpeg function image.cxx when it calls malloc,'img->width' and 'img->height' they are large enough to cause an integer overflow. So, the malloc function may return a heap blosmaller than the expected size, and it will cause a buffer overflow/Address boundary error in the jpeg_read_scanlines fu
nvdosv
CVE-2022-0137P4MEDIUMCVSS 5.5fixed in 1.9.152022-11-14
CVE-2022-0137 [MEDIUM] CWE-119 CVE-2022-0137: A heap buffer overflow in image_set_mask function of HTMLDOC before 1.9.15 allows an attacker to wri
A heap buffer overflow in image_set_mask function of HTMLDOC before 1.9.15 allows an attacker to write outside the buffer boundaries.
nvdosv
CVE-2022-24191P4MEDIUMCVSS 5.5fixed in 1.9.152022-04-04
CVE-2022-24191 [MEDIUM] CWE-835 CVE-2022-24191: In HTMLDOC 1.9.14, an infinite loop in the gif_read_lzw function can lead to a pointer arbitrarily p
In HTMLDOC 1.9.14, an infinite loop in the gif_read_lzw function can lead to a pointer arbitrarily pointing to heap memory and resulting in a buffer overflow.
nvdosv
CVE-2021-40985P4MEDIUMCVSS 5.5fixed in 1.9.122021-11-03
CVE-2021-40985 [MEDIUM] CWE-125 CVE-2021-40985: A stack-based buffer under-read in htmldoc before 1.9.12, allows attackers to cause a denial of serv
A stack-based buffer under-read in htmldoc before 1.9.12, allows attackers to cause a denial of service via a crafted BMP image to image_load_bmp.
nvdosv
← Previous2 / 2